Support User Manuals

Enterasys Networks XSR CLI Router User Manual

Open as PDF

of 684

Tunnel Commands

XSR CLI Reference Guide 14-131

Mode

Tunnelconfiguration:XSR#(config-tms-tunnel)#

Default

IPSec

Examples

ThefollowingexamplesetstheIPSectunnelprotocolinclientmode:

XSR(config)#interface vpn 29 point-to-point

XSR(config-int<vpn>)#tunnel ACME_VPN

XSR#(config-tms-tunnel)#set protocol ipsec client-mode

TheexamplebelowconnectsaGREtunnelattachedtoaVPNinterface:

XSR(config)#interface vpn 2 point-to-point

XSR(config-int<vpn>)#ip address 192.168.1.123 255.255.255.0

XSR#(config-int<vpn>)#tunnel my-gre-tunnel

XSR#(config-tms-tunnel)#set protocol gre

XSR#(config-tms-tunnel)#set peer 10.1.2.3

XSR#(config-tms-tunnel)#set active

set user

Thiscommandspecifiesauser’sidentitywhenconnectingtoapeer.ItinvokesEZ‐IPSecby

applyingthecredentials(passwordand/orcertificate)usedduringtunnelcreationobtainedfrom

theAAAsubsystem.AnEZ‐IPSectunnelusesaggressivemodewiththeusernameastheIKE

identity.Refertothe

aaa user,user-id,andshow crypto ca certificatecommandsformore

information.

Syntax

set user username

Mode

Tunnelconfiguration:XSR#(config-tms-tunnel)#

Examples

Thefollowingexamplespecifies thepre‐sharedkeyofapeerbyusername:

XSR(config)#interface vpn 29 point-to-point

XSR(config-int<vpn>)#tunnel ACME_VPN

XSR#(config-tms-tunnel)#set user jonathan

Thefollowingexamplespecifies thepre‐sharedkeyofapeerbycertificate:

XSR(config)#interface vpn 29 point-to-point

XSR(config-int<vpn>)#tunnel ACME_VPN

XSR#(config-tms-tunnel)#set user certificate

username

Usernameemployedwhenconnectingtothepeer.

previous next